Interesting publication from the UK Serious Fraud Office providing comments on the impact of anti-fraud and anti-corruption legislation. It provides insights into current international legislation and related implications. Additionally it provides hands-on information regarding the management of forensic investigations and the implementation of preventive measures.
Serious Economic Crime: A boardroom guide to prevention and compliance
Tags: Compliance, compliance audit, Economic Crime, Fraud prevention, Prevention, Risk Management, UK Bribery Act
Belgian businesses are increasingly falling victim to cyber-crime. The trend is revealed by PwC’s ‘Global Economic Crime Survey 2011’. This bi-annual study, now in its sixth edition, in which 3,877 organisations have taken part worldwide, investigates fraud occurring within businesses and other organisations as committed both by staff and by customers and suppliers.
In Belgium, 84 undertakings, including 36 listed companies, participated in the survey. Of the Belgian organisations faced with economic fraud in the past year, no fewer than 44% (23% globally) said that they’d fallen victim to cyber-crime. Misappropriation of assets continues to be the most common form of economic crime here just like elsewhere in the world.
A further striking conclusion from the survey is the great divide between perception and reality: businesses under-estimate their vulnerability and fall victim to economic fraud more often than they imagine. It continues therefore to pose a stubborn problem, and not a single sector is spared. Which is why businesses have to protect themselves better, given that the economic damage being done is enormous. For 1 in 10 companies (worldwide) that were faced with cases of economic fraud in the last 12 months, the losses topped five million dollars.
Please click the following links to see the different reports:
Tags: computer crime, cyber crime, Economic Crime, Fraud, GECS2011, Global Economic Crime Survey, Risk Management
Granted, an audit is usually not perceived as a pleasant thing, but it doesn’t have to be a painful experience either.
Let’s imagine, for a moment, that you feel you have a rough idea what software is being used in your company. You have a robust security policy and more or less good guidelines on how software should be installed and used. But, you haven’t actually ever counted and verified against the contracts. Should you worry?
I am afraid the answer will be yes. Users often easily install software on corporate machines without giving it much thought. The company, however, can be held liable for this. But, the larger issues often lie within the server environment rather than the pc-environment. Due to the very nature of the software contracts and the rapid developments in IT, you can become heavily out of compliance by simple actions such as upgrading or changing a processor. As a result, a potential compliance audit by a software publisher may cause more disruption than desired and the findings may cause a small financial hangover. And if it doesn’t, you could worry that perhaps you have been spending too much on software.
For readers that just want to avoid worrying all together, maybe you want to think about a software asset management function. I will pick that up next time.
Cheers,
Sally
Tags: compliance audit, licence compliance audits, Risk, Risk Management, SAM, Software Asset Management, Software licence audits
Good risk management at UBS, you say?
The Harvard Business Review seems to thinks not…
HBR: UBS Systems Failed the “Too Big to Fail” Bank
An eye-opening piece on risk management systems at UBS, which permitted this massive fraudulent trading to take place, without ever being detected.
Despite a recent and large scale overhaul and improvement.
Sort of makes you think, doesn’t it?
Tags: Fraud, Fraud prevention, Risk, Risk Management
When fraud appears, the culprit identified is usually always the same: CONFIDENCE!
Most companies have developed internal control mechanisms but weaknesses are unfortunately often considered only after the onset of a suspicion or a fraud. Once on the field, the Forensic Auditor repeatedly remarks that most fraud’s cases are related to the following issues:
No matter that the fraud is perpetrated within or outside the organization, the only real way to protect an organisation from fraud is to implement efficient and effective controls with regular monitoring / controls testing.
Create or Challenge the control environment
The only way for an organization to effectively fight against fraud is to create an environment that’s discouraging it. Prevent fraud through the creation and implementation of processes and controls, codes of conduct and ethics along with management and staff training. A key element that is too often neglected is “communication”. A good fraud prevention plan involves the setting up of a “communication plan” tailored to both management and staff on the available tools to prevent and detect fraud as well as an action plan in case of a fraud case (suspicion).
Tags: Fraud prevention, Risk, Risk Management
Recent Comments